<html>
<head>
    <script src="../resources/cross-frame-access.js"></script>
    <script>
        if (window.testRunner) {
            testRunner.dumpAsText();
            testRunner.dumpChildFrames();
            testRunner.waitUntilDone();
        }

        function loaded() {
            // This has to be broken into parts so that when it is included below the <script> tags
            // are not interpreted as closing the current script context.
            var innerURLFirstPart = "data:text/html,<html>"
                + "<head>"
                +     "<scr";
                
            var innerURLSecondPart = "ipt>"
                +         "function fireSentinel() {"
                +             "window.parent.postMessage(\"perform test\", \"*\");"
                +         "}"
                +     "</scr";

            var innerURLThirdPart = "ipt>"
                + "</head>"
                + "<body onload=\"fireSentinel();\">"
                +     "<p id=\"accessMe\">PASS: Cross frame access from a data: URL was denied.</p>"
                +     "<p>Inner-inner iframe.</p>"
                + "</body>"
                + "</html>";

            var url = "data:text/html,<html>"
                + "<head>"
                +     "<scr" + "ipt>"
                +         "function loaded() {"
                +             "window.addEventListener('message', performTest);"
                +             "var iframe = document.getElementById('inner');"
                +             "iframe.src = '" + innerURLFirstPart + "' + '" + innerURLSecondPart + "' + '" + innerURLThirdPart + "';"
                +         "}"
                +         "function performTest() {"
                +             "try {"
                +                 "frames[0].document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a data: URL was allowed.';"
                +             "} catch (e) {"
                +             "}"
                +             "if (window.testRunner)"
                +                 "testRunner.notifyDone();"
                +         "}"
                +     "</scr" + "ipt>"
                + "</head>"
                + "<body onload='loaded();'>"
                +     "<iframe id='inner' name='inner'></iframe>"
                +     "<p>Inner iframe.</p>"
                +     "<pre id='console'></pre>"
                + "</body>"
                + "</html>";

            var iframe = document.getElementById("aFrame");
            iframe.src = url;
        }
    </script>
</head>
<body onload="loaded();">
    <p>This tests that a data: URL subframe can't access a child data: URL subframe of itself.</p>
    <iframe name="aFrame" id="aFrame" style="width: 500px; height: 300px;"></iframe>
</body>
</html>
